CVE-2023-54014
Unknown
Unknown - Not Provided
Null Pointer Dereference in Linux Kernel qla2xxx SCSI Driver
Publication date: 2025-12-24
Last updated on: 2025-12-24
Assigner: kernel.org
Description
Description
In the Linux kernel, the following vulnerability has been resolved:
scsi: qla2xxx: Check valid rport returned by fc_bsg_to_rport()
Klocwork reported warning of rport maybe NULL and will be dereferenced.
rport returned by call to fc_bsg_to_rport() could be NULL and dereferenced.
Check valid rport returned by fc_bsg_to_rport().
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | * |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability occurs in the Linux kernel's scsi qla2xxx driver where a function call to fc_bsg_to_rport() may return a NULL pointer (rport). The code does not properly check if rport is NULL before dereferencing it, which can lead to a null pointer dereference issue.
How can this vulnerability impact me? :
If exploited, this vulnerability could cause the Linux kernel to dereference a NULL pointer, potentially leading to a system crash or denial of service.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70